<?php

namespace App\Http\Middleware;

use Closure;

class Cors
{
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle($request, Closure $next) {
        $response = $next($request);
        $response->header('Access-Control-Allow-Origin', '*');
        $response->header('Access-Control-Allow-Headers', 'Origin, Content-Type, Cookie, Accept');
        $response->header('Access-Control-Allow-Methods', 'GET, POST, PATCH, PUT, OPTIONS');
        // $response->header('Access-Control-Allow-Credentials', 'true');
        return $response;
    }

    /**
     * 处理请求-解决跨域问题
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     * @author zhangdong
     * @date 2019.1.2
     */
//    public function handle($request, Closure $next) {
//
//        //设置允许来源头信息：Access-COntrol-Allow-Origin
//        header("Access-Control-Allow-Origin: *");
//
//        // 设置允许请求的方法
//        $headers = [
//            'Access-Control-Allow-Methods' => 'POST, GET, OPTIONS, PUT, DELETE',
//            'Access-Control-Allow-Headers' => 'Content-Type, X-Auth-Token, Origin, Authorization'
//        ];
//
//        if ($request->getMethod() == "OPTIONS") {
//            // 对于预请求返回200
//            return \Response::make('OK', 200, $headers);
//        }
//        $response = $next($request);
//        foreach ($headers as $key => $value)
//            $response->header($key, $value);
//        return $response;
//    }



}
